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« Th MAILING DATE of this communication appears on the cov r sheet with the correspondence address « 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the pro vis ions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- if NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 



2a)El This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) E3 Claim(s) 24-36 and 51-58 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 24-36 and 51-58 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

11) K The proposed drawing correction filed on 17 November 2003 is: a)l3 approved b)D disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a)DAII b)D Some*c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) 13 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 . 
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1) H Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) Paper No(s). . 

2) [Zl Notice of Drafts person's Patent Drawing Review (PTO-948) 5) CI Notice of Informal Patent Application (PTO-152) 

3) (3 Information Disclosure Statement(s) (PTO-1449) Paper No(s) 2 . 6) □ Other: 
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DETAILED ACTION 

Response to Arguments 

Applicant's arguments filed 1 1/17/03 have been fully considered but they are not 
persuasive. The figure 7.4 show that whatever information that is being sent from the proxy to 
the client is encrypted. Some examples of different forms of encryption protocols are shown by 
Bellwood on page 1, second paragraph such as TLS and SSL. 

The limitation of using a third secure session protocol can be seen in the Netscape Proxy 
Server Administrator's Guide in Chapter 7, Fig. 7.4 in view of Bellwood on page 3, lines 21-36. 
Fig. 7.4 is self-descriptive. With respect to Bellwood the following describes the examiner's 
stand. 

In Bellwood on page 3, lines 21-36, therein is described a first and second secure session 
that is created between the client and the proxy. The second session is to serve as a conduit to 
the first server. This is analogous to the third secure session of the applicant's invention. The 
reason is because the third secure session of the applicant's invention serves only as a second 
secure session between the client and the SRP. In the reference, the first secure session can be 
used for transmission of the content request from the client and the proxy, just like in the 
applicant's invention. The second secure session is used to get the proxy to act as a conduit to 
the first server. This is the same function the applicant's third secure session achieves. 
Therefore, the examiner asserts that using a third secure session does not add any novelty to the 
invention. 
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Claim Rejections - 35 USC § 112 

The following is a quotation of the first paragraph of 35 U.S.C. 1 12: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

Claim 51 and 52 are rejected under 35 U.S.C. 1 12, first paragraph, because the 
specification, while being enabling for Claims 24-36, for Claims 51-58 it does not reasonably 
provide enablement for "a tamper-resistant mechanism for storing one or more keys" neither 
does it provide enablement for "a tamper-resistant non-volatile card". Claims 51 and 52 contain 
the given limitation. Claims 53-58 contain the limitation by virtue of dependency. 



Claim Rejections - 35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

Claims 24, 26, 28, 29, 36 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Netscape Proxy Server Administrator's (N.P.S.A) Guide. 
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With respect to Claim 24, the limitation "coupling at least one SRP among at least one 
web browser and at least one web server wherein the at least one SRP receives from the at least 
one web browser requests for establishing a first secure session" is met in Chapter 7, in Fig. 7.4. 

Further limitation of "establishing the first secure session using a first secure session 
protocol between the at least one SRP and the at least on web browser, wherein the web browser 
sends an encrypted request for content to the at least one SRP" is met by Chapter 7 on Figure 7.4 
and Chapter 7, page 3, 2 nd and 3 rd paragraphs. The paragraphs describe the figure 7.4 and 
disclose the referenced limitation. 

Further limitation of "decrypting the encrypted request for content from the at least one 
web browser at the at least one SRP using the first secure session protocol, wherein the at least 
one SRP using the first secure session protocol, wherein the at least one SRP determines that the 
at least one SRP does not possess the requested content" is met by Chapter 9 in the "How 
Caching Works" section and Fig. 9.1. This section and figure discloses how a request from a 
client to a remote server is detoured to the proxy server that determines whether the content is 
available there. 

Further limitation of "establishing a second secure session using a second secure session 
protocol between the at least one SRP and the at least one web server, wherein the second secure 
session is maintained" is met by Chapter 7 on Figure 7.4. This figure shows that a second secure 
session is established between the proxy server and the web server. 

Further limitation of "encrypting the request for content from the at least one web 
browser using the second secure session" is met by Chapter 7 on Fig. 7.4 and the paragraph 
above this figure. 
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Further limitation of "sending the encrypted request for content to the at least one web 
server using the second secure session" is met by Chapter 7 on Fig. 7.4. 

Further limitation of "receiving the content from the at least one web server at the at least 
one SRP using the second secure session" is met by Chapter 7 on Fig. 7.4. 

Further limitation of "decrypting the content using the second secure session protocol" is 
inherently met by Chapter 7 on Fig. 7.4 and the paragraph above the figure because the SRP 
cannot read the data received unless it is decrypted. 

Further limitation of "encrypting the requested content using a third secure session 
protocol" is met by Chapter 7 on Fig. 7.4. The figure 7.4 show that whatever information that is 
being sent from the proxy to the client is encrypted. Some examples of different forms of 
encryption protocols are shown by Bellwood on page 1, second paragraph. Hence it would have 
been obvious to apply a third secure session to encrypt communication for encrypting the data at 
the SRP out of the many available encryption protocols, because the data has to be encrypted in 
some way before it is sent from the SRP to the client as shown in Fig. 7.4. Therefore, the 
examiner asserts that using a third secure session does not add to the novelty of the invention 
because any secure session could have been used to transmit the data from the SRP to the client 
and vice versa. 

Further limitation of "storing the encrypted requested content locally in a memory at the 
at least one SRP" is met by Chapter 9, in the "How Caching Works" section. 

The final limitation of "retrieving the content from the memory at the at least one SRP 
upon subsequent requests for the content" is met by Chapter 9 in the "How Caching Works" 
section. 
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With respect to Claim 26, the limitations "wherein storing includes using non- volatile 
media" is met by the Netscape Proxy Administrator's Guide on Chapter 9, first and fourth 
paragraph. The cache is described under the "Understanding the Cache Structure" of Chapter 9, 
first paragraph as consisting of partitions, which is a storage area located on a disk. These disk 
partitions are non- volatile storage media and hence will retain information when the power is 
removed. 

With respect to Claim 28, the limitation "wherein coupling includes collocating the web 
server and the SRP" is met on Chapter 7 on page 4, "Proxying for Load Balancing" section, first 
three paragraphs. 

With respect to Claim 29, the limitation "wherein content includes an HTTP page" is met 
by Chapter 9, page 1, third paragraph. 

With respect to Claim 36, the limitation "before storing the HTTP page, encrypting the 
HTTP page" is met by on Chapter 7, figure 7.4. 



Claim Rejections - 35 USC§103 
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The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: . 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 25, 27, 30, 31, 32, 34, 35 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Netscape Proxy Server Administrator's Guide in view of Bellwood (WO 
01/03398 A2). 

With respect to Claim 25, all the limitation is met by Netscape Proxy Server 
Administrator' s(N.P.S. A.) Guide except the limitation disclosed below. 

The limitation "wherein the third secure session protocol is known only to the at least one 
SRP" is met by Bellwood on page 3, lines 21-36. In the referenced art, there is a first and second 
secure session that is created between the client and the proxy. The second session is to serve as 
a conduit to the first server as shown in the reference. This is analogous to the third secure 
session of the applicant's invention. The reason is because firstly, the third secure session of the 
applicant's invention serves only as a second secure session between the client and the SRP. In 
the reference, the first secure session is for communication between the client and the proxy, just 
like in the applicant's invention. The second secure session is to get the proxy to act as a conduit 
to the first server. This is the same function the applicant's third secure session achieves. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of the Netscape Proxy Server 
Administrator's(N.P.S.A.) Guide, because for the secure proxy to perform any practical caching 
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functions, there needs to be a secure session created between itself and the client so that the 
integrity of the transmitted encrypted information can be preserved. 

With respect to Claim 27, all the limitation is met by the Netscape Proxy Server 
Administrator's(N.P.S.A.) Guide except the limitation described below. 

The limitation "wherein coupling includes establishing a dedicated secure line between the SRP 
and the web server" is met by Bellwood on page 3, line 40 and page 4, lines 1-2. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made 
to combine the teachings of Bellwood within the system of N.P.S.A. because establishing a 
dedicated line would be useful in providing a secure and private connection to the internet. 

With respect to Claims 30 and 3 1 , all the limitation is met by the Netscape Proxy Server 
Administrator 5 s(N.P.S, A.) Guide except the limitation described below. 

The limitation "wherein the first/second secure session includes Transport Layer Security 
protocol" is met by Bellwood on page 1, lines 13-17. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because TLS is a 
well-known and effective protocol in providing privacy and data integrity between 
communicating entities. 

With respect to Claim 32, all the limitation is met by the Netscape Proxy Server 
Administrator's(N.P.S.A.) Guide except the limitation described below. 
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The limitation "wherein the first secure session includes Secure Socket Layer protocol" is 
met by Bellwood on page 1, lines 13-17. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because SSL is a 
well-known and effective protocol in providing privacy and data integrity between 
communicating entities. 

With respect to Claim 34 and 35, all the limitation is met by the Netscape Proxy Server 
Administrator's(N.P.S.A.) Guide except the limitation described below. 

The limitation "wherein the first/second secure session includes IPsec" is implicitly met 
by Bellwood on page 1, lines 13-17. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because IPsec is 
a form of authentication and encryption protocol and is comparable to TLS/SSL with respect to 
achieving the same functions of preserving the integrity of the data. 

Claims 37, 52, 53, 54, 55, 58 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Netscape Proxy Server Administrator's Guide in view of Maruyama et al (US2002/00 15497 
Al) 

With respect to Claim 37, the limitation "a processing mechanism" is met inherently by 
N.P.S.A. in Chapter 7, first paragraph. 
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Further limitation of "an encryption and decryption mechanism" is inherently met by 
N.P.S.A. in Chapter 7, page 1, fourth paragraph and Fig. 7.4. 

Further limitation of "a tamper-resistant mechanism for storing one or more keys, 
wherein the one or more keys are known only to the SRP and are used for encrypting the content 
before storing the content in a secure local cache for future requests for the content" is partly met 
by N.P.S.A. in Chapter 7, Fig. 7.4. N.P.S.A. however does not disclose a tamper resistant 
mechanism for storing one or more keys. 

The tamper resistant mechanism for storing one or more keys is met by Maruyama et al 
on paragraph 52 on page 4. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Maruyama et al within the system of N.P.S.A. because a 
tamper resistant mechanism for storing keys provides a greater form of security to the system. 

With respect to Claim 52, all the limitation is met by N.P.S.A. except that disclosed 

below. 

The limitation of "wherein the tamper-resistant mechanism includes a tamper-resistant 
non- volatile card" is met by Maruyama et al on paragraph 52, on page 4. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Maruyama et al within the system of N.P.S.A. because a 
tamper resistant mechanism provides a greater form of security to the system. 
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With respect to Claim 53, the limitation "wherein the local cache includes non- volatile 
memory" is met by the Netscape Proxy Administrator's (N.P.S.A.) Guide on Chapter 9, first and 
fourth paragraph. The cache is described under the "Understanding the Cache Structure" of 
Chapter 9, first paragraph as consisting of partitions, which is a storage area located on a disk. 
These disk partitions are non- volatile storage media and hence will retain information when the 
power is removed. 

With respect to Claim 54, the limitation "wherein the SRP appliance is configured for 
using a secure protocol" is met by N.P.S.A. on Chapter 7, page 2, 2 nd paragraph. 

With respect to Claim 55, the limitation "wherein the SRP appliance is configured for 
using a secure socket layer protocol" is met N.P.S.A. on Chapter 7, page 2, 2 nd paragraph. 

With respect to Claim 58, the limitation "wherein the SRP appliance is coupled among at 
least one web server and at least one web browser, wherein the SRP appliance intercepts requests 
from the at least one web browser to establish a secure network communication session with the 
at least one web server" is met by N.P.S.A. on Chapter 7, figure 7.4. 

Claim 56 and 57 are rejected under 35 U.S.C 103(a) as being unpatentable over Netscape 
Proxy Server Administrator's (N.P.S.A.) Guide in view of Maruyama et al (US2002/0015497 
Al) in further view of Bellwood (WO 01/03398 A2) 

With respect to Claim 56, all the limitation is met by the combination of N.P.S.A. and 
Maruyama et al except that of an IPSec protocol being used. 
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The limitation "wherein the SRP appliance is configured for using EPSec techniques" is 
met implicitly by Bellwood on page 1, lines 13-17. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because IPsec is 
a form of authentication and encryption protocol and is comparable to TLS/SSL with respect to 
achieving the same functions of preserving the integrity of the data. 

With respect to Claim 57, all the limitation is met by the combination for N.P.S.A. and 
Maruyama except that of using a TLS protocol. 

This is met by Bellwood on page 1, lines 13-17. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to combine the teachings of Bellwood within the system of N.P.S.A. because TLS is a 
well-known and effective protocol in providing privacy and data integrity between 
communicating entities. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
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will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tracey Akpati whose telephone number is 703-305-7820. The 
examiner can normally be reached on 8.30am-6.00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 703-305-4393. The fax phone numbers for the 
organization where this application or proceeding is assigned are 703-746-7240 for regular 
communications and 703-746-7238 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703-305-3900. 



OTA 

January 20, 2004 



w KIMVU 
SUPERW23RY PATENT EXAMINER 
TECKXOLCaV CENTER 2100 




